A security researcher at Safetydetective.com, Sahad NK, discovered critical multiple vulnerabilities, which, when chained together, allow hackers to take control of over 400 million Microsoft Store, Microsoft Outlook, or Microsoft Sway accounts. As per the company’s blog, there were two major flaws, the first one allowed them to take over a defunct subdomain “success.office.com,” which was affiliated to a Microsoft Azure Web App service that is no longer available. The researchers took over this sub-domain by registering an Azure web-app with the name “successcenter-msprod. (CNAME).” This enabled them to control the domain success.microsoft.com and any data being sent to it.
- Compare Mobile Phones NewsIn DepthPress ReleaseHow to'sReviews
- Digit SquadVideosPhotos Contest Hot Deals